Juniper Juno IPv6 Over IPv4 Tunnel Security Bypass Vulnerability
BID:50705
Info
Juniper Juno IPv6 Over IPv4 Tunnel Security Bypass Vulnerability
| Bugtraq ID: | 50705 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 17 2011 12:00AM |
| Updated: | Nov 17 2011 12:00AM |
| Credit: | Reported by the vendor |
| Vulnerable: |
Juniper Junos 10.2R2 |
| Not Vulnerable: |
Juniper Junos 10.2R3 |
Discussion
Juniper Juno IPv6 Over IPv4 Tunnel Security Bypass Vulnerability
Juniper Juno is prone to a security-bypass vulnerability.
Successful exploit of this issue allows attackers to bypass certain security policies that are not being enforced.
Versions prior to Juniper Juno 10.2 R3 are vulnerable.
Juniper Juno is prone to a security-bypass vulnerability.
Successful exploit of this issue allows attackers to bypass certain security policies that are not being enforced.
Versions prior to Juniper Juno 10.2 R3 are vulnerable.
Exploit / POC
Juniper Juno IPv6 Over IPv4 Tunnel Security Bypass Vulnerability
An attacker can use readily available network utilities.
An attacker can use readily available network utilities.
Solution / Fix
Juniper Juno IPv6 Over IPv4 Tunnel Security Bypass Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
Juniper Juno IPv6 Over IPv4 Tunnel Security Bypass Vulnerability
References:
References:
- Juniper Junos IPv6 Over IPv4 Tunnel Policy Bypas (Juniper)
- Juniper Networks Homepage (Juniper Networks)